The Arkesel SMS API lets you issue more than one API key on a single account — a separate, scoped key for each app, project, or environment. Each key authenticates your SMS requests, so you can monitor usage per integration, limit the blast radius if one key leaks, and grant access without ever exposing your main account key.
This guide is part of the Arkesel SMS API developer resources. If you are integrating the API for the first time, start with our walkthrough on how to send SMS via the Arkesel API, then come back here to set up multiple keys cleanly.
Why use multiple API keys?
One account key for everything is convenient until something goes wrong. The moment that single key powers your production app, your staging environment, and a partner’s integration, you lose visibility and control. Multiple scoped keys fix that.
Here is what separate keys give you:
- Isolate access per integration. Give each app, microservice, or project its own key. You always know which integration sent which messages.
- Cap the blast radius if a key leaks. A key that ends up in a public repo or a compromised server is a real risk. Rotate the affected key without touching your other integrations or your main account.
- Monitor usage per key. Track sending against each integration separately, so a runaway loop or an unexpected spike is easy to spot and trace back to its source.
- Grant access without exposing your main key. Hand a scoped key to a contractor, a partner, or a new service. Revoke it later without disrupting anything else.
This is standard practice for any team running more than one integration. Treat each key as a credential tied to one job, not a master password shared across your whole stack.
Building your first integration? See the full SMS API reference in the Arkesel developer documentation for endpoints, parameters, and copy-paste code samples.
What each Arkesel SMS API key can do
Each key you create is a working credential for the Arkesel SMS API. Used on its own, a scoped key lets you:
- Send SMS through the Arkesel SMS API on behalf of that specific app or project
- Authenticate requests independently of your other keys
- Track sending tied to that key, so usage stays attributable per integration
- Be deactivated on its own when an integration is retired or a key is compromised
Because each key is scoped to a single integration, you keep a clean separation between, say, your live customer notifications and a test environment — without juggling one shared credential.
How to create and manage multiple Arkesel SMS API keys
You manage your Arkesel SMS API keys from inside your Arkesel account, in the SMS API area of the dashboard. The flow is straightforward:
- Log in to your Arkesel account at account.arkesel.com and open the SMS API section of your dashboard.
- Create a new key for the app, project, or environment you are setting up. Name it clearly — “production-app,” “staging,” or the project name — so you can tell your keys apart at a glance.
- Generate and copy the key. Store it securely in your application’s environment variables or secrets manager. Never commit a key to source control or hard-code it into client-side code.
- Repeat per integration. Issue one key per app or environment rather than reusing a single key everywhere.
- Deactivate or rotate any key that is no longer needed or may have been exposed.
For the current step-by-step in the live dashboard and the exact API-keys screen, follow the Arkesel developer documentation, which stays in sync with the platform.
How does the Arkesel SMS API authenticate requests?
The Arkesel SMS API authenticates every request with your API key sent in the api-key header. You make a single JSON POST request to https://sms.arkesel.com/api/v2/sms/send to send a message — the key in the header tells Arkesel which account and which scoped key the request belongs to.
Arkesel gives you copy-paste code samples in cURL, Python, Node.js, and PHP to get you sending quickly. There is no official SDK client library to install — you call the REST endpoint directly, which keeps the integration lightweight and language-agnostic.
Whichever scoped key you use in the header determines how that traffic is attributed. So a request from your staging key and a request from your production key hit the same endpoint but stay cleanly separated in your account.
Ready to build? Explore the full Arkesel Developer APIs or the underlying Arkesel SMS Platform to see what you can power with your keys.
Frequently asked questions
How do I create and manage multiple API keys in Arkesel? Log in to your Arkesel account, open the SMS API area of your dashboard, and create a separate key for each app, project, or environment. Name each key clearly, store it securely, and deactivate or rotate any key you no longer need. The Arkesel developer documentation carries the current dashboard steps.
Why should a developer use a separate API key for each app, project, or environment? Scoped keys isolate access per integration, cap the blast radius if a key leaks, and let you monitor usage per key. You can also grant a key to a partner or contractor and revoke it later without exposing your main account key or disrupting other integrations.
How does the Arkesel SMS API authenticate requests? It uses your API key in the api-key header on a single JSON POST request to https://sms.arkesel.com/api/v2/sms/send. Arkesel provides copy-paste samples in cURL, Python, Node.js, and PHP — there is no official SDK to install; you call the REST endpoint directly.
Start sending with the Arkesel SMS API
Multiple scoped keys keep your integrations clean, traceable, and secure as you add more apps and environments. The Arkesel SMS Platform is available across Ghana, Nigeria, Kenya, South Africa, and Tanzania, with direct carrier connections built for reliable delivery at scale.
Create your Arkesel account and start sending SMS via the API today.
